> Any developments in having a RADIUS auth module written? I am still very
> interested..
>
While I'm also interested, I think we might have come up with a way
to implement RADIUS-based acl-type restrictions. Hopefully, no one
will point out glaring errors in this (but that's what this list is
here for, yes? :^)

The file "nowtime" is updated by a HTML form (that auths against
our RADIUS server), "ISPprmt" is also updated at the same time and
contains the source IP address and squid is HUP'd to force a read
of the new configuration. A cron'd job can check the modification
date/time of "nowtime" ... if over an hour old, both "nowtime" and
"ISPprmt" are /dev/null'd.

The HTML form is returned when users are denied access, so that
they can extend their access or start a new session easily.

A potential exploit is a user who accesses and has their access
extended by a later user (who updated nowtime and ISPprmt) as I've
no easy way to timestamp entries in ISPprmt (I could add bogus IPs
in the 10.x.x.x where the last three octets are a timestamp, but
is it *really* necessary?).

Anyone see a huge hole I've missed? Does this have possibilities
as a jiffy hack-implementation of RADIUS/squid authentication??